www.zeroshell.org Forum Index www.zeroshell.org
Linux Distribution for server and embedded devices
 
 SearchSearch  RegisterRegister  UsergroupsUsergroups 
 ProfileProfile  Log inLog in  Log in to check your private messagesPrivate Message 

Cannot access subnet except through ZS command line

 
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> Networking
View previous topic :: View next topic  
Author Message
nqs



Joined: 01 Sep 2010
Posts: 1

PostPosted: Wed Sep 01, 2010 9:08 pm    Post subject: Cannot access subnet except through ZS command line Reply with quote

Hi peeps. I'm new to zeroshell and am having trouble accessing hosts behind zer
oshell from outside. from inside to u\out is fine, but not from parent subnet t
o inside

My network is a bit different, as I connect to landlady's network via wireless. so the current setup looks like:

internet --> WAP --> wireless bridge --> switch0 --> zeroshell --> switch1 --> host

eventually switch0 will be removed and all machines connected to switch1. Except for the zeroshell box all machines downhill of the bridge are running gentoo linux.

switch0 is connected to eth00 @ 192.168.1.3. wap is .1 and bcridge is .2. the interface for switch1 is eth01, with an address of 192.168.2.1. currently only machine connected to switch1 is configured at 192.168.2.5, hostname 'codex'.

When I try to ping codex from any other machine on the network, it fails. However, if I ssh to zeroshell and ping from there, it works. same on both points for ssh to codex. this is using both hostname and IP to connect (IP only from zeroshell)

once connected to codex, pings to 192.168.2.1, 192.168.1.x, and www.google all work.

don't know if it matters, but the machine i'm attempting to communicate with codex via a wireless connected laptop. I am going to try to see if a direct hookup makes a difference

a direct hookup does not change any of the above.

NQS
Back to top
View user's profile Send private message
ppalias



Joined: 17 Dec 2008
Posts: 1151
Location: Athens, Greece

PostPosted: Thu Sep 02, 2010 6:26 am    Post subject: Reply with quote

Most likely you are NATing traffic going out of ETH00 interface. This means that all traffic coming from ETH01 interface has its source IP translated into the IP of ZS (192.168.1.3). In order to make it work from outside to inside you have to do 2 things:
1) Add a static route on the router outside for the network 192.168.2.0/24 that is reachable via 192.168.1.3
2) Remove NAT completely or configure it not to masquerade when the destination address is 192.168.0.0/16
Back to top
View user's profile Send private message Yahoo Messenger MSN Messenger
Display posts from previous:   
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> Networking All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group